urlquery - report: www.kamossat.gq/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-07 14:29:23 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-07 05:08:41 UTC	54.149.101.24
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-07 12:21:16 UTC	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-07 12:55:42 UTC	143.204.55.27
r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-09-07 04:50:01 UTC	23.36.77.32
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-07 05:03:48 UTC	143.204.55.25
www.kamossat.gq (2)	0	2022-08-21 04:44:58 UTC	2022-09-07 15:36:46 UTC	142.4.6.21	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-07 04:49:50 UTC	34.117.237.239

Scan Date	Severity	Indicator	Comment
2022-09-07	2	www.kamossat.gq/	Arvest Bank
2022-09-07	2	www.kamossat.gq/	Arvest Bank

Scan Date	Severity	Indicator	Comment
2022-09-07	2	www.kamossat.gq/	Phishing

Scan Date	Severity	Indicator	Comment
2022-09-07	2	kamossat.gq	Sinkholed
2022-09-07	2	kamossat.gq	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-12-26 13:34:57 +0000	0 - 1 - 3	masaeli8.cf/	142.4.6.21
2022-12-24 13:33:14 +0000	0 - 9 - 3	accounts-mangmentxq.ga/	142.4.6.21
2022-09-08 10:22:14 +0000	0 - 0 - 3	nlcgbaf7.cf/verifyedd/	142.4.6.21
2022-09-08 07:04:53 +0000	0 - 0 - 3	uzdoyzk6.ga/SECU[MRWEEBEE].zip	142.4.6.21
2022-09-08 03:09:43 +0000	0 - 0 - 2	qlgfveu5.tk/.contact/	142.4.6.21

Date	UQ / IDS / BL	URL	IP
2023-01-28 19:04:03 +0000	0 - 1 - 3	mendezplumbingservicellc.com/101.exe	162.215.97.2
2023-01-28 18:59:49 +0000	0 - 0 - 2	hawesconstruction-ohio.com/public/UXSqBWC0Z6V (...)	66.147.240.98
2023-01-28 18:57:24 +0000	4 - 0 - 11	wordpresspost.com/Boaafm/Bofa/verify-otp.php	162.144.51.100
2023-01-28 18:52:20 +0000	0 - 1 - 0	amazon-transaction7.com/	162.241.70.105
2023-01-28 18:50:11 +0000	0 - 0 - 2	sartorioesilva.com.br/index2.html	192.185.215.240

Date	UQ / IDS / BL	URL	IP
2022-09-07 22:25:18 +0000	0 - 0 - 5	www.kamossat.gq/	142.4.6.21
2022-09-07 18:58:29 +0000	0 - 0 - 5	www.kamossat.gq/	142.4.6.21

Date	UQ / IDS / BL	URL	IP
2023-01-28 19:08:22 +0000	0 - 2 - 3	harleyqueretaro.com/renew2019/Back2016-12-22/ (...)	63.247.138.144
2023-01-28 19:07:43 +0000	0 - 0 - 1	yyhdb.oss-cn-shenzhen.aliyuncs.com/XunZipSetu (...)	120.77.166.65
2023-01-28 19:07:30 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2011552d (...)	188.93.63.73
2023-01-28 19:07:17 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2011552d (...)	188.93.63.73
2023-01-28 19:06:40 +0000	0 - 3 - 3	airhobi.com/system/WLvH1ygkOYQO/	193.53.245.52

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Wed, 07 Sep 2022 18:04:44 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 1GTAG2h4ztqa1oaJRZhdpvRVEJdgXY-fL-2v0tBzHD1zo1GzRW6Xaw== Age: 3214 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 99b7d23c1748d0526782b9ff9ea45f09 Sha1: eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA" Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2461 Expires: Wed, 07 Sep 2022 19:39:19 GMT Date: Wed, 07 Sep 2022 18:58:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b9adda4796e3cda8d92753c46964621c Sha1: 5f1eba1f6085b23dea088a91fe6f8947172f9f62 Sha256: a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 20 Aug 2022 23:18:05 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 07 Sep 2022 05:03:17 GMT etag: "742edb4038f38bc533514982f3d2e861" x-cache: Hit from cloudfront via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: xb6hgrJgmQ4ss6HC-nT1WKLwN4Gcrbh3n0mhoiIrZW80-exrv3RP5w== age: 54704 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 742edb4038f38bc533514982f3d2e861 Sha1: cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET / HTTP/1.1 Host: www.kamossat.gq User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: www.kamossat.gq/ FQDN: www.kamossat.gq IP: 142.4.6.21 HASH: a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913 142.4.6.21 HTTP/1.1 500 Internal Server Error Content-Type: text/html Date: Wed, 07 Sep 2022 18:58:18 GMT Server: Apache Content-Length: 7309 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 7309 Md5: c72ae097bc9d2737e20046b0610b9fab Sha1: 3087154a1d4752afc6cd1043ffed6f9203ad324e Sha256: a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913 Alerts: Blocklists: - openphish: Arvest Bank - fortinet: Phishing - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 07 Sep 2022 18:58:18 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: www.kamossat.gq User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.kamossat.gq/	URL: www.kamossat.gq/favicon.ico FQDN: www.kamossat.gq IP: 142.4.6.21 HASH: a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913 142.4.6.21 HTTP/1.1 500 Internal Server Error Content-Type: text/html Date: Wed, 07 Sep 2022 18:58:19 GMT Server: Apache Content-Length: 7309 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 7309 Md5: c72ae097bc9d2737e20046b0610b9fab Sha1: 3087154a1d4752afc6cd1043ffed6f9203ad324e Sha256: a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913 Alerts: Blocklists: - openphish: Arvest Bank - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Wed, 07 Sep 2022 18:38:18 GMT Expires: Wed, 07 Sep 2022 19:07:22 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: MS8k1RfLVaY4vkyrppbYWCuBf37ISEs-1lASv5etuhNcdpSTD19FSg== Age: 1201 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5447 Cache-Control: 'max-age=158059' Date: Wed, 07 Sep 2022 18:58:19 GMT Last-Modified: Wed, 07 Sep 2022 17:27:32 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a81b0f5b5d11bf95fc176833b2f6e808 Sha1: 5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5 Sha256: 8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 9u+vF8MZkuc5N11fXQ/BFw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.149.101.24 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.149.101.24 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 7qFDajJyTWd3B6L/79liZZylpvM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5951 Expires: Wed, 07 Sep 2022 20:37:32 GMT Date: Wed, 07 Sep 2022 18:58:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5951 Expires: Wed, 07 Sep 2022 20:37:32 GMT Date: Wed, 07 Sep 2022 18:58:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5951 Expires: Wed, 07 Sep 2022 20:37:32 GMT Date: Wed, 07 Sep 2022 18:58:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12661 x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X3hXnFnXIAMFqKQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Sep 2022 22:14:32 GMT etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f" age: 74629 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12661 Md5: 79f4356c488498012cc7fc03be21e3df Sha1: dd9cd9b711d7112efa85eff8a798346dbd7d5f5f Sha256: ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4805 x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: XjbiJHuZoAMFpSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0 x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Sep 2022 21:57:13 GMT age: 75668 etag: "5200b601017ce86614783b76fd2a775c1c48d4e9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4805 Md5: 4f29d8aaae2d67c27c58001e7553dea7 Sha1: 5200b601017ce86614783b76fd2a775c1c48d4e9 Sha256: 6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6214 x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Xj_0HFKbIAMFRbg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0 x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Sep 2022 05:12:06 GMT age: 49575 etag: "50f1459de01174e594e03e7df4dfaa8eb1798672" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6214 Md5: f922505178de0cea92eedcfda85a9f67 Sha1: 50f1459de01174e594e03e7df4dfaa8eb1798672 Sha256: 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11778 x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YDqcrEczIAMFqlg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0 x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Sep 2022 21:41:08 GMT age: 76633 etag: "55154c3878e9650f463805c3829f03a1603f14c1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11778 Md5: 1462b0c8fff091f29c7c5145031c08aa Sha1: 55154c3878e9650f463805c3829f03a1603f14c1 Sha256: 62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3604 x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YDq26FI7oAMFpOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0 x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Sep 2022 21:49:33 GMT etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3" age: 76128 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3604 Md5: 932f4d99fb1927aae3010e00472b38c3 Sha1: b95ee99dafca1695d6b86763fce0ceb058f40ef3 Sha256: da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8462 x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YDq64HbCIAMFjGg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0 x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Sep 2022 21:42:04 GMT etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965" age: 76577 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8462 Md5: 70c964498818242b742575cfa1769b67 Sha1: cde85fbe83c9e29618edf4e05002bd623e3ab965 Sha256: bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Wed, 07 Sep 2022 18:04:44 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 1GTAG2h4ztqa1oaJRZhdpvRVEJdgXY-fL-2v0tBzHD1zo1GzRW6Xaw== 

                                        
                                            
Age: 3214 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    99b7d23c1748d0526782b9ff9ea45f09

                                                Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f

                                                Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 20 Aug 2022 23:18:05 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Wed, 07 Sep 2022 05:03:17 GMT 

                                        
                                            
etag: "742edb4038f38bc533514982f3d2e861" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: xb6hgrJgmQ4ss6HC-nT1WKLwN4Gcrbh3n0mhoiIrZW80-exrv3RP5w== 

                                        
                                            
age: 54704 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    742edb4038f38bc533514982f3d2e861

                                                Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1

                                                Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Wed, 07 Sep 2022 18:58:18 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Date: Wed, 07 Sep 2022 18:38:18 GMT 

                                        
                                            
Expires: Wed, 07 Sep 2022 19:07:22 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: MS8k1RfLVaY4vkyrppbYWCuBf37ISEs-1lASv5etuhNcdpSTD19FSg== 

                                        
                                            
Age: 1201 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 9u+vF8MZkuc5N11fXQ/BFw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.149.101.24

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 7qFDajJyTWd3B6L/79liZZylpvM= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5951 

                                        
                                            
Expires: Wed, 07 Sep 2022 20:37:32 GMT 

                                        
                                            
Date: Wed, 07 Sep 2022 18:58:21 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    bc70b1691dd339e8120b92ba393ffb69

                                                Sha1:   99118be3645b3182ccdc5f9da149a97c220a3929

                                                Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12661 

                                        
                                            
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X3hXnFnXIAMFqKQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw== 

                                        
                                            
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 06 Sep 2022 22:14:32 GMT 

                                        
                                            
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f" 

                                        
                                            
age: 74629 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12661

                                                Md5:    79f4356c488498012cc7fc03be21e3df

                                                Sha1:   dd9cd9b711d7112efa85eff8a798346dbd7d5f5f

                                                Sha256: ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6214 

                                        
                                            
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Xj_0HFKbIAMFRbg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ== 

                                        
                                            
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Sep 2022 05:12:06 GMT 

                                        
                                            
age: 49575 

                                        
                                            
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6214

                                                Md5:    f922505178de0cea92eedcfda85a9f67

                                                Sha1:   50f1459de01174e594e03e7df4dfaa8eb1798672

                                                Sha256: 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3604 

                                        
                                            
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YDq26FI7oAMFpOw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA== 

                                        
                                            
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 06 Sep 2022 21:49:33 GMT 

                                        
                                            
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3" 

                                        
                                            
age: 76128 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3604

                                                Md5:    932f4d99fb1927aae3010e00472b38c3

                                                Sha1:   b95ee99dafca1695d6b86763fce0ceb058f40ef3

                                                Sha256: da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e

URL	www.kamossat.gq/
IP	142.4.6.21 (United States)
ASN	#46606 UNIFIEDLAYER-AS-1
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-07 18:58:29 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	5
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (8)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.4.6.21

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 2 reports on domain: kamossat.gq

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Overview

Domain Summary (8)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.4.6.21

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 2 reports on domain: kamossat.gq

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Network Intrusion Detection Systems